Skip to content

chore: bump vault version to 1.20 #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 4, 2025
Merged

chore: bump vault version to 1.20 #144

merged 1 commit into from
Jul 4, 2025

Conversation

leoparente
Copy link
Contributor

This pull request refactors the Vault test setup in the agent/secretsmgr package to use Docker-based test clusters instead of in-memory Vault servers. This change improves test reliability and better simulates real-world scenarios. Key updates include replacing the createTestVault function, updating imports, and modifying all test cases to use the new Docker-based setup.

Important Note

We were importing entire vault project for testing and it has led to breaking package while upgrading:

This repository publishes two libraries that may be imported by other projects: github.com/hashicorp/vault/api and github.com/hashicorp/vault/sdk.
Note that this repository also contains Vault (the product), and as with most Go projects, Vault uses Go modules to manage its dependencies. The mechanism to do that is the go.mod file. As it happens, the presence of that file also makes it theoretically possible to import Vault as a dependency into other projects. Some other projects have made a practice of doing so in order to take advantage of testing tooling that was developed for testing Vault itself. This is not, and has never been, a supported way to use the Vault project. We aren't likely to fix bugs relating to failure to import github.com/hashicorp/vault into your project.

https://github.com/hashicorp/vault/tree/c0f4c2052ef68e7cefe17ba171276158610f8ddd?tab=readme-ov-file#importing-vault

Refactor of Vault Test Setup

  • Updated Vault test setup to use Docker-based clusters: The createTestVault function was rewritten to use docker.DockerCluster from the Vault SDK, replacing the previous in-memory Vault server setup. This enhances test reliability and mirrors production environments more closely. (agent/secretsmgr/vault_test.go, [1] [2]

Test Case Updates

  • Replaced in-memory Vault server with Docker-based cluster in all test cases: All test cases (TestVaultManager_getSecret, TestVaultManager_processString, TestVaultManager_processMap, TestVaultManager_processSlice, TestVaultManager_SolvePolicySecrets, TestVaultManager_RegisterUpdatePoliciesCallback, TestVaultManager_pollSecrets) were updated to use the new Docker-based createTestVault function. The cleanup logic was simplified with cluster.Cleanup. (agent/secretsmgr/vault_test.go, [1] [2] [3] [4] [5] [6]

Import Adjustments

  • Removed unused imports and added new dependencies: Unused imports related to the in-memory Vault server (net, vaulthttp, vaultsrv) were removed. New imports for Docker-based test clusters (testcluster, testcluster/docker) were added. (agent/secretsmgr/vault_test.go, agent/secretsmgr/vault_test.goL7-R79)

Address Handling

  • Updated address handling for Docker-based clusters: Test cases now use cluster.ClusterNodes[0].HostPort instead of ln.Addr().String() for Vault server address configuration. (agent/secretsmgr/vault_test.go, agent/secretsmgr/vault_test.goL612-R595)

@leoparente leoparente requested review from ltucker and jajeffries July 3, 2025 19:34
@leoparente leoparente self-assigned this Jul 3, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 3, 2025

Go test coverage

STATUS ELAPSED PACKAGE COVER PASS FAIL SKIP
🟢 PASS 0.17s github.com/netboxlabs/orb-agent/agent 0.0% 0 0 0
🟢 PASS 0.17s github.com/netboxlabs/orb-agent/agent/backend 0.0% 0 0 0
🟢 PASS 5.03s github.com/netboxlabs/orb-agent/agent/backend/devicediscovery 76.0% 3 0 0
🟢 PASS 0.01s github.com/netboxlabs/orb-agent/agent/backend/mocks 0.0% 0 0 0
🟢 PASS 5.03s github.com/netboxlabs/orb-agent/agent/backend/networkdiscovery 75.8% 3 0 0
🟢 PASS 4.02s github.com/netboxlabs/orb-agent/agent/backend/otel 76.4% 2 0 0
🟢 PASS 3.02s github.com/netboxlabs/orb-agent/agent/backend/pktvisor 65.6% 2 0 0
🟢 PASS 5.03s github.com/netboxlabs/orb-agent/agent/backend/snmpdiscovery 75.8% 3 0 0
🟢 PASS 5.03s github.com/netboxlabs/orb-agent/agent/backend/worker 76.0% 3 0 0
🟢 PASS 1.01s github.com/netboxlabs/orb-agent/agent/config 100.0% 6 0 0
🟢 PASS 1.04s github.com/netboxlabs/orb-agent/agent/configmgr 49.2% 9 0 0
🟢 PASS 1.01s github.com/netboxlabs/orb-agent/agent/policies 100.0% 15 0 0
🟢 PASS 1.02s github.com/netboxlabs/orb-agent/agent/policymgr 70.3% 10 0 0
🟢 PASS 25.27s github.com/netboxlabs/orb-agent/agent/secretsmgr 45.7% 45 0 0
🟢 PASS 1.01s github.com/netboxlabs/orb-agent/agent/version 100.0% 1 0 0

Total coverage: 58.0%

@leoparente leoparente merged commit ae32823 into develop Jul 4, 2025
5 checks passed
@leoparente leoparente deleted the chore/bump-vault-1.20 branch July 4, 2025 10:18
@github-actions GitHub Actions
Copy link

🎉 This PR is included in version 2.3.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jajeffries jajeffries jajeffries approved these changes

@ltucker ltucker Awaiting requested review from ltucker

Assignees

@leoparente leoparente

Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@leoparente @jajeffries